FIX regedit, taskmanager and folder option disabled because of RVHOST.EXE
1. Download the file UnHookExec.inf and save it to your Windows desktop.
Note: The tool has a .inf file extension.
2. Locate the download file, either on the Windows desktop or the floppy disk.
3. Right-click the UnHookExec.inf file and click install. (This is a small file. It does not display any notice or boxes when you run it.)
==========================================
Run HijackThis, and press "Do a System Scan Only".
1. When the scan is complete place a check mark next to the following entries:
F2 - REG:system.ini: Shell=Explorer.exe RVHOST.exe
O4 - HKCU\..\Run: [Yahoo Messengger] C:\WINNT\system32\RVHOST.exe
2. After checking these items CLOSE ALL open windows EXCEPT HijackThis and click "Fix Checked." Then, reboot your computer...
==========================================
Download FileASSASSIN.zip and save to your desktop (this tool is compatible with Win 2000/NT/XP only).
* Create a new folder on C:\ called FileASSASSIN and extract (unzip) it to that folder. (Click here for information on how to do this if not sure. Win 9x/2000 users click here.)
* Open the folder and double-click on FileASSASSIN.exe.
* Select the following file(s) to delete by dragging it onto the text area or select it using the (...) browse button.
o C:\WINNT\system32\RVHOST.exe
* Select a removal method. Start with "Attempt FileASSASSIN's method of file removal."
* Click delete and the removal process will begin.
* If that did not work then, start the program again and this time check "Use delete on reboot function from windows.".
Second Choice:
Print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
* Close all open Explorer windows and browsers
* Run HijackThis
* Click on the Scan button and when complete
* Put a check beside all of the items listed below
* Click on the "Fix Checked" button
* When complete and all files removed, close the application.
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
F2 - REG:system.ini: Shell=Explorer.exe RVHOST.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [Yahoo Messengger] C:\WINDOWS\system32\RVHOST.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
Delete this file in bold.
C:\WINDOWS\system32\RVHOST.exe
Restart the computer normally.
Restore your TaskManager.
From the Start/Run Menu execute
RegEdit.exe
Navigate to this key.
HKEY_CURENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\
DisableTaskMgr = "1"
Click the Edit meny key and change it to "0" (Zero)
Save the change and reboot.
